Hacker News new | ask | show | jobs
by ibmthrowaway271 3834 days ago
> In my books its a minus that you can not rewrite history. What happens if you accidentially add code where you dont own the copyright? Or an API Secret?

Someone will write the necessary scripts (e.g. fossil-rebase) to go into the DB and rewrite history.
2 comments
sgbeal 3834 days ago
> Someone will write the necessary scripts (e.g. fossil-rebase) to go into the DB and rewrite history.

No, they won't. The fossil file format is very strongly protected against any changing of history. Changing history changes multiple hashes (at multiple levels) and breaks it. Immutable history is literally part of the metadata specification, and the db is "just a data store," independent of that specification.

link
thechriswalker 3834 days ago
From what I just read, the "shun" method means that you can rewrite history by adding a shun, rebuilding a copy, then switching copies.

Not db rewrite, but the same end result.

edit: bad english

link
SQLite 3834 days ago
That won't work because the SHA1 hashes won't match up.

If you accidentally check-in proprietary or sensitive content that you didn't mean to publish, you can shun that content. Shunning leaves a hole in your history. There is no way to replace that hole with different content.

link
pdw 3834 days ago
Git is the same, if you rebase many hashes will be recalculated, and the "tampering" would be obvious to anyone who had a copy of the repository. It is possible to implement the equivalent of rebase in any distributed VCS, the authors of Fossil simply chose not to. If it becomes more popular, somebody else likely will.
link
sgbeal 3834 days ago
i've been on the fossil dev team since 2008, and i have seen many people claim that it "could" be compromised/modified post facto, and yet... nobody has been able to do it. Fossil's core data model does not just _assume_ that history doesn't change - it makes it essentially impossible to do.

Shunning is a special case which removes a given artifact from the db, but is considered a "nuclear option" of last resort. i've never personally used it.

link
thecatspaw 3834 days ago
Yes, but then you are fighting the software, and it wouldnt need to be immutable at all if you can change it anyway
link